matrix-bridge-signal/tasks/main.yml
2022-07-21 19:08:51 +02:00

141 lines
3.4 KiB
YAML

---
- name: Setup postgres
include_role:
name: postgre
vars:
postgres_users:
- name: bridge_signal_user
password: "{{ matrix_bridge_signal_postgre_user_pwd }}"
databases:
- name: bridge_signal
owner: bridge_signal_user
local: C
template: template0
no_log: {{ enable_no_log | default('true') }}
- name: Install the pgp key for the signald repo.
copy:
src: signald-keyring.gpg
dest: /etc/apt/trusted.gpg.d/signald-keyring.gpg
mode: 0644
- name: Add signald repo to source list
ansible.builtin.apt_repository:
repo: "deb https://updates.signald.org unstable main"
state: present
- name: Install dependencies
apt:
name:
- signald
- python3
- python3-virtualenv
- python3-pip
- libolm-dev # for encryption
- python3-dev #
- build-essential #
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Enable the signald daemon
systemd:
name: signald
state: started
enabled: yes
- name: Create the mautrix-signal user
user:
name: mautrix-signal
home: /opt/mautrix-signal
groups:
- signald
password_lock: yes
system: yes
- name: Install bridge
become: yes
become_user: mautrix-signal
pip:
name: mautrix-signal[all]
state: latest
virtualenv: /opt/mautrix-signal
virtualenv_command: virtualenv
virtualenv_python: /usr/bin/python3
- name: Check if the bridge is already configured
stat:
path: /opt/mautrix-signal/config.yaml
register: register_config
- name: Set read token variable
block:
- name: read config file
slurp:
src: /opt/mautrix-signal/config.yaml
register: encoded_config
- name: decode config file
set_fact:
signal_config: "{{ encoded_config.content | b64decode | from_yaml }}"
- name: extract tokens
set_fact:
matrix_bridge_signal_as_token: "{{ signal_config.appservice.as_token }}"
matrix_bridge_signal_hs_token: "{{ signal_config.appservice.hs_token }}"
when: register_config.stat.exists
- name: Configure the bridge
template:
src: config.yaml
dest: /opt/mautrix-signal/config.yaml
owner: mautrix-signal
group: nogroup
mode: '0600'
notify: Restart the signal bridge
no_log: {{ enable_no_log | default('true') }}
- name: Generate signal-registration.yaml
become: yes
become_user: mautrix-signal
shell:
cmd: "/opt/mautrix-signal/bin/python -m mautrix_signal -g"
chdir: /opt/mautrix-signal
creates: /opt/mautrix-signal/registration.yaml
notify: Restart synapse
no_log: {{ enable_no_log | default('true') }}
- name: Ensure the registration directory exists
file:
path: /etc/matrix-synapse/registrations
state: directory
group: root
owner: root
mode: u=rwx,g=rx,o=rx
- name: Copy registration for synapse
file:
src: /opt/mautrix-signal/registration.yaml
dest: /etc/matrix-synapse/registrations/signal-registration.yaml
state: link
- name: Ensure the log directory exists
file:
path: /var/log/bridge_signal
state: directory
group: nogroup
owner: mautrix-signal
mode: u=rwx,g=rx,o=
- name: Copy the daemon configuration
template:
src: bridge_signal.service
dest: /etc/systemd/system/bridge_signal.service
notify: Restart the signal bridge
- name: Enable the daemon
systemd:
name: bridge_signal
state: started
enabled: yes